Connect Postgres Database Using Lambda Function

Use slackbot to send SQS message which trigger lambda function for executing SQL command on database This post focuses on creating SQS queue and lambda function (not how to create a slackbot) 1. Crea

weixin_0010034

14人浏览 · 2022-08-05 05:13:29

weixin_0010034 · 2022-08-05 05:13:29 发布

Use slackbot to send SQS message which trigger lambda function for executing SQL command on database

Alt Text

This post focuses on creating SQS queue and lambda function (not how to create a slackbot)

1. Create SQS queue using CDK (Cloud Development Toolkit)

Source: https://github.com/vumdao/create-db-user/tree/master/sqs_stack

└── sqs_stack
    ├── app.py
    ├── cdk.json
    ├── README.md
    ├── requirements.txt
    ├── setup.py
    ├── source.bat
    └── sqs_stack
        ├── __init__.py
        └── sqs_stack_stack.py

Notes:

SQS name: create-db-account
SQS Default visibility timeout must be equal or higher than the timeout of the lambda function which is subscribed to
Deploy SQS

cdk deploy

Alt Text

2. Create Lambda function which is triggered by the SQS queue using AWS Chalice

Source: https://github.com/vumdao/create-db-user/tree/master/lambda

├── lambda
│   ├── app.py
│   ├── policy
│   ├── region.env
│   └── requirements.txt

The lambda function receive SQS message to execute SQL of creating new user on RDS

chalice new-project create-db-user

Set VPC for Lambda Function same with RDS, AWS Chalice bases on current region and the subnet ID to detect VPC, security is a must for using subnet-ID

      "subnet_ids": [
         "subnet-0f6ea4292ab9a63db",
         "subnet-00d29b42b2e17b5b5"
      ],
      "security_group_ids": ["sg-00668399e4bdd462e"]

Disable mange IAM role from AWS Chalice to control the policy of the role

      "manage_iam_role": false,
      "iam_role_arn": "arn:aws:iam::111111111111:role/create-db-user-dev",

Policy

    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "arn:*:logs:*:*:*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "sqs:ReceiveMessage",
                "sqs:DeleteMessage",
                "sqs:GetQueueAttributes"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeNetworkInterfaces",
                "ec2:CreateNetworkInterface",
                "ec2:DeleteNetworkInterface",
                "ec2:DescribeInstances",
                "ec2:AttachNetworkInterface"
            ],
            "Resource": "*"
        }
    ]
}

Lambda does not resolve hostname directly so RDS hostname is resolved by using socket function

host=socket.gethostbyname(DB_HOST)

Deploy the lambda

chalice deploy

Alt Text

Test

Alt Text

Notes:

Lambda function will delete SQS message if there's no issue.
The SQS message will leave there until it's Default visibility timeout so should handle any exception to delete the message

CI/CD

CI/CD社区为您提供最前沿的新闻资讯和知识内容

更多推荐

Jenkins环境变量、参数及groovy脚本使用介绍。

这是系列中的第三篇文章使用 Jenkins 将 Django 应用程序部署到 AWS EC2 实例。 Jenkins的温和指南。在本文中,我们将介绍如何在 Jenkins 中使用变量和参数以及如何使用 groovy 脚本。我们将使用与以前相同的项目。您需要事先阅读过之前的文章。 1.如何在 JenkinsFile 中配置和使用变量。在编写 JenkinsFile 管道脚本时,您可能需要注入和

CI/CD

Rust 中的 OpenTelemetry 分布式跟踪指南

在本文中,我将分享我将 OpenTelemetry 分布式跟踪添加到 Rust 应用程序的经验。我将尝试回答以下问题: 如何在 Rust 中检测 Opentelemetry? 如何在 Rust 应用程序中添加手动和自动检测? 如何使用tracing来调试Rust应用? 如何可视化跟踪和跨度? 如何在多线程环境中保存我们的 span 上下文? 在 Rust 中进行跟踪时,你必须知道哪些 crat

CI/CD

Jenkins 管道,用于构建 Django 映像并将其推送到 dockerhub 和 GitHub webhook 集成。

这是系列文章的第四篇使用 Jenkins 将 Django 应用程序部署到 AWS EC2 实例。詹金斯的温和指南。在本文中,您将拼凑您所学的所有基础知识,并构建一个完整的 Jenkins 管道,该管道将构建 Django 映像并将其部署到 Dockerhub。您需要事先阅读过之前的文章 1.添加 init 阶段并加载script.groovy文件。在您的 JenkinsFile 中,添加加